Impact
The vulnerability stems from missing authorization checks within several API endpoints of Rockwell Automation FactoryTalk Analytics PavilionX. An unauthorized actor who gains network access to the vulnerable APIs can trigger privileged operations such as creating, modifying, or deleting user accounts, roles, and other administrative settings. This lack of proper authorization enforcement—identified as Missing Authorization (CWE‑862)—can enable a single compromised session to fully control the system’s security configuration, leading to extensive compromise of confidentiality, integrity, and availability of the overall environment.
Affected Systems
Rockwell Automation FactoryTalk Analytics PavilionX is the product affected. No specific version information is listed in the advisory, so all installations of this product are potentially vulnerable until a patch is applied.
Risk and Exploitability
The CVSS score of 8.3 places this issue in the high severity category, and the EPSS score of less than 1% suggests that, at the time of this analysis, the likelihood of public exploitation is low. However, because the vulnerability is not included in the CISA KEV catalogue, there is no evidence of active exploitation, the risk is primarily theoretical but with significant potential impact. The attack vector is inferred to be the exposed API endpoints that require authentication; if an attacker can reach these endpoints from within the trusted network or via an exploited authenticated session, they can trigger the privileged operations.
OpenCVE Enrichment